From 4f7956b3df7a7f87bbf7f70d9902edbd0264b43f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 19 Jan 2009 08:13:36 +0100 Subject: [PATCH] add registration script and required config options --- config.php-dist | 13 ++ login_form.php | 2 +- register.php | 352 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 366 insertions(+), 1 deletion(-) create mode 100644 register.php diff --git a/config.php-dist b/config.php-dist index b06ee2b5b..f03f5f8e7 100644 --- a/config.php-dist +++ b/config.php-dist @@ -184,6 +184,19 @@ define('PHP_EXECUTABLE', '/usr/bin/php'); // Path to PHP executable + define('ENABLE_REGISTRATION', false); + // Allow users to register themselves. Please be vary that allowing + // random people to access your tt-rss installation is a security risk + // and potentially might lead to data loss or server exploit. Disabled + // by default. + + define('REG_NOTIFY_ADDRESS', 'user@your.domain.dom'); + // Email address to send new user notifications to. + + define('REG_MAX_USERS', 10); + // Maximum amount of users which will be allowed to register on this + // system. 0 - no limit. + define('CONFIG_VERSION', 18); // Expected config version. Please update this option in config.php // if necessary (after migrating all new options from this file). diff --git a/login_form.php b/login_form.php index 59982c295..b906e175c 100644 --- a/login_form.php +++ b/login_form.php @@ -129,7 +129,7 @@ window.onload = init; - + "/> diff --git a/register.php b/register.php new file mode 100644 index 000000000..032d8fbf0 --- /dev/null +++ b/register.php @@ -0,0 +1,352 @@ + 0; + + print ""; + + printf("%d", $is_registered); + + print ""; + + return; + } +?> + + + +Create new account + + + + + + + + + + + + + + +

+ +
+ +
"; + return; + } +?> + + + + + 0) { + $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users"); + $num_users = db_fetch_result($result, 0, "cu"); +} ?> + + + + + +

+ +
+ + + + + + + +
+ + + +
+ +
+
+ " + disabled="true" onclick='return validateRegForm()'> +
+
+ + + +

+ + Please fill in the form."; + print "

Return to registration form

"; + return; + } + + if ($test == "four" || $test == "4") { + + $result = db_query($link, "SELECT id FROM ttrss_users WHERE + login = '$login'"); + + $is_registered = db_num_rows($result) > 0; + + if ($is_registered) { + print_error(__('Sorry, this username is already taken.')); + print "

+ +
"; + } else { + + $password = make_password(); + + $pwd_hash = encrypt_password($password, $login); + + db_query($link, "INSERT INTO ttrss_users + (login,pwd_hash,access_level,last_login, email, created) + VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())"); + + $result = db_query($link, "SELECT id FROM ttrss_users WHERE + login = '$login' AND pwd_hash = '$pwd_hash'"); + + if (db_num_rows($result) != 1) { + print_error(__('Registration failed.')); + print "

+ +
"; + } else { + + $new_uid = db_fetch_result($result, 0, "id"); + + initialize_user($link, $new_uid); + + $reg_text = "Hi!\n". + "\n". + "You are receiving this message, because you (or somebody else) have opened\n". + "an account at Tiny Tiny RSS.\n". + "\n". + "Your login information is as follows:\n". + "\n". + "Login: $login\n". + "Password: $password\n". + "\n". + "Don't forget to login at least once to your new account, otherwise\n". + "it will be deleted in 24 hours.\n". + "\n". + "If that wasn't you, just ignore this message. Thanks."; + + $mail = new PHPMailer(); + + $mail->PluginDir = "phpmailer/"; + $mail->SetLanguage("en", "phpmailer/language/"); + + $mail->CharSet = "UTF-8"; + + $mail->From = DIGEST_FROM_ADDRESS; + $mail->FromName = DIGEST_FROM_NAME; + $mail->AddAddress($email); + + if (DIGEST_SMTP_HOST) { + $mail->Host = DIGEST_SMTP_HOST; + $mail->Mailer = "smtp"; + $mail->Username = DIGEST_SMTP_LOGIN; + $mail->Password = DIGEST_SMTP_PASSWORD; + } + + // $mail->IsHTML(true); + $mail->Subject = "Registration information for Tiny Tiny RSS"; + $mail->Body = $reg_text; + // $mail->AltBody = $digest_text; + + $rc = $mail->Send(); + + if (!$rc) print_error($mail->ErrorInfo); + + $reg_text = "Hi!\n". + "\n". + "New user had registered at your Tiny Tiny RSS installation.\n". + "\n". + "Login: $login\n". + "Email: $email\n"; + + $mail = new PHPMailer(); + + $mail->PluginDir = "phpmailer/"; + $mail->SetLanguage("en", "phpmailer/language/"); + + $mail->CharSet = "UTF-8"; + + $mail->From = DIGEST_FROM_ADDRESS; + $mail->FromName = DIGEST_FROM_NAME; + $mail->AddAddress(REG_NOTIFY_ADDRESS); + + if (DIGEST_SMTP_HOST) { + $mail->Host = DIGEST_SMTP_HOST; + $mail->Mailer = "smtp"; + $mail->Username = DIGEST_SMTP_LOGIN; + $mail->Password = DIGEST_SMTP_PASSWORD; + } + + // $mail->IsHTML(true); + $mail->Subject = "Registration notice for Tiny Tiny RSS"; + $mail->Body = $reg_text; + // $mail->AltBody = $digest_text; + + $rc = $mail->Send(); + + print_notice(__("Account created successfully.")); + + print "

+ +
"; + + } + + } + + } else { + print_error('Plese check the form again, you have failed the robot test.'); + print "

+ +
"; + + } + } + ?> + + + + + +
+ +
"; ?> + + + + + +